menu
  • Our Story

    • Overview
    • Careers
    • Locations
    • Diversity, Equity & Inclusion
    • Pro Bono
    • Community Involvement
    • Firm Leadership
    • History
    • Alumni
    • Affiliations
    • Media Inquiries
    • Make a Payment
  • Our People

  • Our Insights

    • Events/CLE
    • Publications
    • News
    • Blogs
  • Our Practices & Industries

    • Business
      • Business Transitions
      • Construction
      • Corporate, Securities and M&A
      • ERISA, Life, Health & Disability
      • Finance & Banking
      • Immigration
      • Intellectual Property Transactions
      • Labor, Employment & Benefits
      • Private Client Services
      • Private Investment Funds
      • Real Estate
      • Startups & Emerging Companies
      • Tax
      • Wage & Hour
    • Litigation
      • Antitrust, Competition, & Trade
      • Appellate
      • Class Actions
      • Commercial Litigation
      • Construction
      • Creditors' Rights & Bankruptcy
      • Electronic Discovery, Technology & Strategy
      • ERISA, Life, Health & Disability
      • Fiduciary Litigation
      • Financial Institutions Litigation & Investigations
      • Insurance
      • Intellectual Property Litigation
      • International Arbitration
      • Labor, Employment & Benefits
      • Securities & Corporate Governance Litigation
      • Wage & Hour
    • Industries
      • Blockchain & Cryptocurrency
      • Food, Beverage & Hospitality
      • Government Law
      • Investigations, Compliance & White Collar
      • Japan Practice
      • Nonprofit & Social Enterprise
      • Privacy & Data Security
      • Senior Living & Long Term Care
      • Transportation
    • Services
      • COVID-19 Landlord/Tenant Response Team
      • COVID-19 Resource Center
      • Cyber Health Assessment
      • Lumos Discovery
  • Our Locations

    • Anchorage
    • Portland
    • Seattle
  • Our Careers

    • Attorneys
    • Summer Associates
    • Professional Staff
  • Our Diversity

    • Diversity, Equity & Inclusion
    • Our Story
Lane Powell Web Site
  • OUR PEOPLE
  • STORY
  • INSIGHTS
  • PRACTICES & INDUSTRIES
Search
  • 日本語
  • 中文
  • 한국어
Email this pagePrint this pagePrint to PDF

Privacy & Data Security

Our Privacy & Data Security Team is designed to effectively and efficiently serve companies of all sizes, from startups to Fortune 500, and across industry sectors at every stage of the data lifecycle. Data regulation is dictated by complicated and intersecting privacy and data protection standards. Our dedicated team offers experienced guidance in multinational, federal and state privacy regimes, including GDPR and CCPA.  

Our experienced and technologically savvy attorneys provide full service representation to companies building or utilizing emerging technologies such as robotics, drones, AI, Internet of Things devices, biometrics and blockchain, from DevOps to employee tracking to market entry and beyond. Clients operating in highly regulated industries benefit from our slate of attorneys with decades of experience to resolve industry-specific privacy concerns, including HIPAA considerations, consumer financial data implicating Graham-Leach Bliley applicability, and marketing practices under CAN-SPAM and the TCPA.

At Lane Powell, every client relationship begins with our Cyber Health Assessment, a free comprehensive analysis of the key facets of the privacy and data security environment resulting in a tailored suite of integrated privacy law compliance and risk mitigation services and pricing options.

From preliminary risk assessment of privacy and data security policies to breach preparedness and response, our Privacy & Data Security Team crafts custom strategies to assist clients in effectively and efficiently minimizing legal and reputational risk related to the collection, use, storage and loss of sensitive data. 

Proactive Data Security Counseling

  • Evaluate and assess cyber liability risk.
  • Advise regarding compliance with state, federal and international privacy and data security regulations, including GDPR and CCPA.
  • Structure procedures to best facilitate HIPAA compliance and audits.
  • Perform security assessments, craft data breach response plans, and develop and facilitate data breach table top exercises.
  • Train employees to minimize the risk of intentional theft or negligent loss of data.
  • Evaluate and negotiate cyber liability insurance options.
  • Advise officers and directors on disclosure obligations regarding cybersecurity and privacy matters.

Compliance Advice and Implementation

  • Design privacy law compliance strategies to fit your business plan.
  • Create effective privacy notices/policies, terms of use and end user licensing agreements for web, IoT, AI and mobile application implementation.
  • Prepare startups for market via website readiness and internal privacy policy development.
  • Prepare legitimate interest assessments and risk assessments, as necessary to achieve GDPR and/or CCPA compliance.
  • Develop internal policies to control and manage sensitive data, select data processing vendors, and respond to consumer requests to exercise their rights under the GDPR and/or CCPA.
  • Provide corporate training from C-Suite to staff on internal protocols and best practices for privacy law compliance and security risk mitigation.

Data Privacy Considerations in Corporate Transactions 

  • Data protection addenda (DPA) due diligence and drafting.
  • Draft and negotiate commercial contracts including SaaS agreements, cloud-based service contracts, DevOps and subscription services agreements, and other technology product and service offerings.
  • Analysis and risk assessment of existing third party contracts with technology and marketing vendors.
  • Merger and acquisition due diligence regarding data as a transferable asset, consumer and employee data privacy considerations, and use and transfer of technology.

 Data Breach Strategy Development and Response

  • Assist in the implementation of a data breach response plan.
  • Coordinate breach assessments and action plans.
  • Coordinate with local and national law enforcement personnel when necessary.
  • Ensure compliance with state, national and international breach notification laws.
  • Represent clients in regulatory investigations and civil lawsuits that arise from data breach events.

Related Practices & Industries

  • Blockchain & Cryptocurrency
  • Commercial Litigation
  • Corporate, Securities and M&A
  • Electronic Discovery, Technology & Strategy
  • Finance & Banking
  • Government Law
  • Intellectual Property Transactions
  • Investigations, Compliance & White Collar
  • Labor, Employment & Benefits
  • Senior Living & Long Term Care
  • Startups & Emerging Companies
  • Transportation

Have a Data Privacy Inquiry?

 

Email Us

  • Updated Cyber Health Assessment

Get to Know Us

Experience

  • Ransomware Attack
    Represented skilled nursing facility with respect to a ransomware incident, including investigation of incident, HIPAA breach analysis and notice issues, and appropriate mitigation and response issues.
  • HIPAA-Related Agreements
    Represented national employer in preparation of agreement with medical university for use where medical student interns receiving certain training experiences on client employer’s premises, to make sure that HIPAA-based privacy duties are met.
  • HIPAA Issues Implicated by Witness Subpoena
    Represented national senior living and long term care provider with respect to HIPAA and other privacy concerns implicated when its medical staff was subpoenaed to testify as a third-party witness in a lawsuit. Negotiated with counsel in the preparation and entry of an appropriate Protective Order, including appropriate procedures to comply with HIPAA and otherwise comply with privacy rights and duties.
  • Social Media Policy Development and Implementation
    Prepared training materials for use by professional trade group organization with respect to development, implementation and enforcement of appropriate social media policies for HIPAA-covered entities’ and other care providers.
  • HIPAA Compliance / Online Health Application
    Prepared HIPAA and other privacy related policies for developer of online-accessed health-related application.

Our Insights

  • February 25, 2021Event / CLE
    What the Biden Administration Means for Startups
    Lane Powell & Geekwire | Virtual
  • January 19, 2021News
    Archuleta Quoted in Bloomberg Law Article ‘Washington Privacy Bill Likelier to Pass, But Roadblocks Remain’
    In the News
  • May 12, 2020Publication
    Rampant Identity Theft Discovered in Unemployment Claims: Steps Washington Employers Should Take Now
    COVID-19 Resource
  • April 22, 2020Publication
    Adapt to Thrive: Privacy and Data Security Considerations for Taking Business Online in Response to COVID-19
    COVID-19 Resource
  • March 29-31, 2020Event / CLE
    Privacy and Data Security Essentials for Spirits Companies
    American Craft Spirits Association Distillers’ Convention | Portland, Oregon
  • March 23, 2020Publication
    Privacy & Data Security in a WFH Environment
    COVID-19 Resource
  • January 14, 2020Event / CLE
    Cyber Security & the Maritime Industry: How to Address Privacy & Data Security
    Maritime Commerce Club | Portland, Oregon
  • November 14, 2019Event / CLE
    Cybersecurity Director Roundtable
  • November 4, 2019Event / CLE
    Let’s Get Digital: Privacy & Data Security Best Practices in the Workplace
    Oregon Bureau of Labor and Industries 35th Annual Employment Law Conference | Portland, Oregon
  • May 1, 2019Event / CLE
    36th Annual ‘Best Practices for Best Employers™’ Labor & Employment Seminar
    Lane Powell Seminar | Portland, Oregon
  • March 14, 2019Event / CLE
    Travel Risk Symposium
    Key Travel | Atlanta
  • February 6, 2019News
    Archuleta Featured as a ‘Promising Start’ by Colorado Law School
    In the News
  • November 1, 2018Event / CLE
    Privacy & Data Security in the Workplace: Issues and Best Practices for Employers
    Bureau of Labor & Industries | Portland, Oregon
  • October 23, 2018Event / CLE
    36th Annual ‘Best Practices for Best Employers™’ Labor and Employment Seminar
    Lane Powell Seminar | Seattle
  • September 13, 2018Event / CLE
    Equal Employment Opportunity Commission Seattle Seminar
    EEOC Training Institute | Bellevue, Washington
  • June 6, 2018Event / CLE
    35th Annual ‘Best Practices for Best Employers™’ Labor & Employment Seminar
    Lane Powell Seminar | Portland, Oregon
  • May 20-23Event / CLE
    2018 LeadingAge Oregon Annual Conference
    LeadingAge Oregon | Redmond, Oregon
  • April 19, 2018Event / CLE
    Cybersecurity and the CFO
    Financial Executives International | Portland, Oregon
  • March 1, 2018Event / CLE
    ‘Lucky to be in LTC’ Spring Expo
    Oregon Health Care Association | Eugene, Oregon
  • February 1, 2018Publication
    Cyber-Threat Reduction: How Employee Policies and Practices Can Help Senior Living and Long Term Care Employers Bolster Privacy and Data Security
    PALS Advisor
  • November 6, 2017Event / CLE
    Privacy and Data Security for Employers: Cyber Threats in Your Workplace
    Oregon Bureau of Labor and Industries | Portland, Oregon
  • October 17, 2017Event / CLE
    35th Annual ‘Best Practices for Best Employers’ Labor and Employment Seminar
    Lane Powell Seminar | Seattle
  • July 12, 2017Publication
    Health Information Data Security: Low-Tech Action in the Trenches to Thwart High-Tech Threats
    Oregon Business Magazine
  • May 12, 2017Event / CLE
    Succession Planning and Policies
    World Law Group | Warsaw, Poland
  • May 11, 2017Event / CLE
    Social Media in Senior Living: The Intersection of Marketing and Privacy
    Oregon Health Care Association | Portland, Oregon
  • May 2017Publication
    Planning for the Worst: White House Guidance on Avoiding, and Coping With, Data Breaches
    Legaltech News
  • April 3, 2017Publication
    Ransomware and Long Term Care: How the Threat of Holding Patient Records Hostage Impacts HIPAA Analysis
    PALS
  • December 21, 2016Publication
    OCR’s 2016 Ransomware ‘Guidance’: A Health Care Provider’s New Best Friend?
    Health Care Liability & Litigation
  • November 7, 2016Publication
    Ransomware Cyber Security Threat Tests Providers’ Defenses
    Provider Magazine
  • August 18, 2016News
    Lane Powell Contributes to the World Law Group’s Global Guide to Whistleblowing Programs
    In the News
  • May 5, 2016Publication
    Increased Ransomware Attacks and Phase 2 HIPAA Audits: Two Closely-Related Issues for Long Term Care Providers
    Lane Powell White Paper
  • April 8, 2016News
    Panama Papers: A History of Tax Evasion From Ancient Rome to the French Revolution to 19th-Century New Jersey
    In the News

Before proceeding, please note:  If you are not a current client of Lane Powell PC, please do not include any information in this email that you or someone else considers to be confidential or secret in nature.  Prior to the establishment of a lawyer-client relationship, unsolicited emails from non-clients containing confidential or secret information cannot be protected from disclosure.

back to top
  • Our Story

    • Overview
    • Careers
    • Locations
    • Diversity, Equity & Inclusion
    • Pro Bono
    • Community Involvement
    • Firm Leadership
    • History
    • Alumni
    • Affiliations
    • Media Inquiries
    • Make a Payment
  • Our People

    • Our Insights

      • Events/CLE
      • Publications
      • News
      • Blogs
    • Our Practices & Industries

      • Business
      • Litigation
      • Industries
      • Services
      • View All

    Blogs

    Boom: The ERISA Law Blog
    Earth & Table Law Reporter

    • Site Map
    • Disclaimer
    • Data Privacy & Security
    • Contact Us
    • Subscribe
    © 2021 Lane Powell PC Lane Powell & LP
    Logo, Reg. U.S. Pat. & Tm. Off.
    Sitemap
    Connect With Us
    • Twitter
    • Facebook
    • Linkedin
    • Vimeo
    • Make a Payment